Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:31 p.m.6 views

CVE-2021-21683

The file browser in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Overall/Read permission Windows controller or Job/Workspace permission Windows agents to obtain the...

6.5CVSS6.6AI score0.02103EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/11/22 12:0 a.m.36 views

Jenkins Enterprise and Operations Center < 2.249.33.0.1 / 2.277.42.0.1 / 2.303.2.5 Multiple Vulnerabilities (CloudBees Security Advisory 2021-10-06)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.249.x prior to 2.249.33.0.1, 2.277.x prior to 2.277.42.0.1, or 2.x prior to 2.303.2.5. It is, therefore, affected by multiple vulnerabilities, including the following: -...

6.5CVSS6.7AI score0.09149EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2021/10/08 12:0 a.m.16 views

Jenkins < 2.303.2, < 2.315 Multiple Vulnerabilities - Windows

Jenkins is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.4AI score0.09149EPSS
Exploits1References1
CVE
CVE
added 2021/10/06 10:10 p.m.89 views

CVE-2021-21683

CVE-2021-21683 is a path traversal flaw in Jenkins’ file browser present in Jenkins 2.314 and earlier, and LTS 2.303.1 and earlier. On Windows, some file paths could be treated as absolute, enabling attackers with Overall/Read (Windows controller) or Job/Workspace (Windows agents) permissions to ...

6.5CVSS6.2AI score0.02103EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder